oss-sec mailing list archives
Duplicate CVE: CVE-2015-7703 in NTP
From: Martin Prpic <mprpic () redhat com>
Date: Fri, 23 Oct 2015 08:54:26 +0200
Hi, It seems that NTP upstream has also requested a CVE (and had one assigned) for this issue: Bug 2902 : CVE-2015-7703 configuration directives "pidfile" and "driftfile" should only be allowed locally. (RedHat) [http://support.ntp.org/bin/view/Main/SecurityNotice#October_2015_NTP_Security_Vulner] However, Red Hat assigned CVE-2015-5196 to this issue when it was first discovered: https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2015-5196 Can CVE-2015-7703 please be rejected? Thank you! -- Martin Prpič / Red Hat Product Security
Current thread:
- Duplicate CVE: CVE-2015-7703 in NTP Martin Prpic (Oct 22)
- Re: Duplicate CVE: CVE-2015-7703 in NTP cve-assign (Oct 23)
- Re: Re: Duplicate CVE: CVE-2015-7703 in NTP Kurt Seifried (Oct 23)
- Re: Re: Duplicate CVE: CVE-2015-7703 in NTP Florian Weimer (Oct 23)
- Re: Duplicate CVE: CVE-2015-7703 in NTP Brad Knowles (Oct 23)
- Re: Re: Duplicate CVE: CVE-2015-7703 in NTP Kurt Seifried (Oct 23)
- Re: Duplicate CVE: CVE-2015-7703 in NTP cve-assign (Oct 23)